.NET 6.0 bug fix update

An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

April 25, 2023-KB5025367 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2

April 25, 2023-KB5025367 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 Release Date: April 25, 2023 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the Cumulative Update for 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2...

CVE-2023-2166

A null pointer dereference issue was found in can protocol in net/can/afcan.c in the Linux before Linux. mlpriv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service...

2023-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 20H2 for ARM64 (KB5022727)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

2023-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 22H2 for ARM64 (KB5022729)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

2023-02 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 (KB5022728)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

2023-02 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 20H2 for x64 (KB5022727)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

2023-02 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 20H2 (KB5022727)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

Security Bulletin: A vulnerability in Microsoft .NET Framework may affect IBM Robotic Process Automation and result in an exposure of sensitive information (CVE-2022-41064)

Summary There is a vulnerability in .NET Framework components used by IBM Robotic Process Automation as part of it's infrastructure, which may allow a remote authenticated attacker to obtain sensitive information. CVE-2022-41064. This bulletin identifies the security fixes to apply to address thi...

Debian: Security Advisory (DLA-3343-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3343-1] mono security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3343-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk February 24, 2023 https://wiki.debian.org/LTS -...

Arbitrary Code Execution

MongoDB.Bson is vulnerable to Arbitrary Code Execution. The vulnerability exists because the library does not properly filter AllowedTypes when deserializing an object, allowing a privileged attacker to inject and execute malicious code through the ObjectSerializer in specific situtations. The...

Deserializing compromised object with MongoDB .NET/C# Driver may cause remote code execution

Under very specific circumstances see Required configuration section below, a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C. This affects all MongoDB .NET/C Driver versions prior to and...

CVE-2022-48282

Under very specific circumstances see Required configuration section below, a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C. This affects all MongoDB .NET/C Driver versions prior to and...

CVE-2022-48282

Under very specific circumstances see Required configuration section below, a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C. This affects all MongoDB .NET/C Driver versions prior to and...

Design/Logic Flaw

Under very specific circumstances see Required configuration section below, a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C. This affects all MongoDB .NET/C Driver versions prior to and...

CVE-2022-48282

CVE-2022-48282 affects MongoDB .NET/C# Driver up to version 2.18.0. Under very specific conditions, a privileged user can cause arbitrary code execution via deserialization, involving applications written in C# running on Windows with the full .NET Framework, taking user data, and serializing wit...

CVE-2022-48282 Deserializing compromised object with MongoDB .NET/C# Driver may cause remote code execution

Under very specific circumstances see Required configuration section below, a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C. This affects all MongoDB .NET/C Driver versions prior to and...

CVE-2022-48282 Deserializing compromised object with MongoDB .NET/C# Driver may cause remote code execution

Under very specific circumstances see Required configuration section below, a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C. This affects all MongoDB .NET/C Driver versions prior to and...

Security Updates for Microsoft .NET Framework (February 2023)

The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities, as follows: - A denial of service DoS vulnerability. CVE-2023-21722 - A remote code execution vulnerability. CVE-2023-21808 %NASLMINLEVEL 80900 C...